General

  • Target

    c82fe254e8cfb54a0b412db6a1150ac6952e3f9beb73fde881529bd737581d3a

  • Size

    1.0MB

  • Sample

    231012-dhvsqsdh65

  • MD5

    d458ad458abc415304fd2c142d7f4745

  • SHA1

    6acfc584e7f647685db6a1d167c1a68b5d7d1a0b

  • SHA256

    c82fe254e8cfb54a0b412db6a1150ac6952e3f9beb73fde881529bd737581d3a

  • SHA512

    3e91ac67520164034976dbc4c516d0a10eed6f70f8aa4f5766b97c5a4dbb3f4136f1b3454dcb78fc3e72d06bae601d8facd35d25ad2b39545482c93438fa573f

  • SSDEEP

    24576:byB7LsVeg07T5RZzVgOoLuzdj6nEmSJBoCWI:OB3Wd0vXrAO2nEmWBoC

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks